Did privacy cause identity theft?

By Luther Martin — October 2, 2009

In his article "Did Privacy Cause Identity Theft?" law professor Lynn LoPucki claims that the problem of identity theft that we have today is directly due to the increased privacy that various laws have given us in the past several years. He says that as recently as the '70s, identity theft was very hard for a criminal to pull off because there was so much public information about our identities. And because identity thieves need privacy to commit their crimes, the very privacy that we think is making things better for us has actually made it easier for identity theft to happen.

There's certainly a correlation between the proliferation of privacy laws and identity theft, but attributing the identity theft to the laws may be an example of post hoc reasoning. It seems to me that the ways in which identities were verified in the past didn't really take advantage of the additional information that was available at the time, even though it was available.

Instead of believing that our higher level of privacy has caused the higher rates of identity theft that we see today, I'd guess that it's just a case of criminals using the technology that's available to them. At the same time that stricter privacy laws made it easier for identity thieves to commit identity theft, information technology also proliferated. When this happened, there was much more information available to identity thieves, so they naturally used this information to commit identity theft. I'd guess that's why identity theft is a bigger problem today than it once was, and that the increased amount of identity theft isn't related to the stricter privacy laws at all.

On the other hand, I could be wrong. If that's the case, then I would expect LoPucki's model to predict that identity theft will decrease over the next several years as the proliferation of social networking web sites provides a handy source for lots of public information about our identities. Or I would expect his model to predict that users of social networking web sites suffer less identity theft than people who don't.